| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 01 Jan 2007 22:00:04 +0100 From: Tino Wildenhain <tino@...denhain.de> To: Bill Nash <billn@...ln.net> Cc: Kevin Waterson <kevin@...ania.net>, bugtraq@...urityfocus.com Subject: Re: PHP as a secure language? PHP worms? [was: Re: new linux malware] Bill Nash schrieb: ... > *ANY* language implemented for *ANY* purpose is as secure as the > programmer makes it. The way the original post is written, > s/PHP/(Perl|ASP|C|bash|BASIC|four little buddhist monks fighting over an > abacus)/ is applicable. The vulnerabilities that we see, that Gadi refers > to, aren't widespread because PHP is widespread, but because insecure > applications written in PHP are. A better use of energy would be > focusing on the most vulnerable platforms and educating the developers. But aparently they aren't educatable - hence they stick to this language. (Because of the many bad examples they can cut&paste code from) T.
Powered by blists - more mailing lists